Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Question #9

Closed
Teicu opened this issue Feb 11, 2022 · 9 comments · Fixed by #10
Closed

Question #9

Teicu opened this issue Feb 11, 2022 · 9 comments · Fixed by #10

Comments

@Teicu
Copy link

Teicu commented Feb 11, 2022

Hi,

Please tell me if this tool scans only the main index or there is a option to crawl and test the entire site? I'm sorry to ask, but I haven't seen anything about this.
Thank you

scan4log4shell remote url http://testphp.vulnweb.com -a
[i] Log4Shell Remote Vulnerability Scan
[i] Listening on c832bfasahsi8gnc8r20cednmxoyyyyyr.interact.sh
[i] Start scanning CIDR http://testphp.vulnweb.com
---------
[i] All request to http://testphp.vulnweb.com have been sent
[i] Completed scanning
[i] Waiting for incoming callbacks!
[i] Use ctrl+c to stop the program.
@Teicu
Copy link
Author

Teicu commented Feb 11, 2022

also, is it possible to scan a text file with multiple URL addresses? i.e scan4log4shell remote urls.txt

Cheers

@hupe1980 hupe1980 mentioned this issue Feb 15, 2022
Merged
@hupe1980
Copy link
Owner

I added the possibility to add targets over stdin.

$ cat target.txt | ./scan4log4shell remote url

or

$ crawler | ./scan4log4shell remote url

Unfortunately, the program does not have its own crawler

@Teicu
Copy link
Author

Teicu commented Feb 15, 2022

Hi,

That’s great, we can copy and paste on the target.txt file the URLs from Burp. Thank you very much.

Cheers

@Teicu
Copy link
Author

Teicu commented Feb 15, 2022

it seems it can't stand these commands

cat targets.txt | scan4log4shell remote url 
requires at least 1 arg(s), only received 0

cat targets.txt | scan4log4shell remote

@hupe1980
Copy link
Owner

Are you using the correct version v1.2.0?

@Teicu
Copy link
Author

Teicu commented Feb 15, 2022

Oh, I'm really sorry, it seems I was using the old version. my bad!

Thanks

@Teicu
Copy link
Author

Teicu commented Feb 15, 2022

Works like a charm now!

btw, last question, if the list of url addresses I scan is large, when the scanner finds a vulnerability does it stop or will it report them at the end when it finishes scanning?

@Teicu
Copy link
Author

Teicu commented Feb 15, 2022

or there is the option instead of interactsh to use Burp collaborator and then we see in real time when it finds an interaction?

@hupe1980
Copy link
Owner

The scanner does not stop. All targets are always scanned.

Various catchers (TCP, DNS, LDAP) are included. Burp is not yet supported. But you can easily extend it:

scan4log4shell/internal/catcher.go

Lines 18 to 23 in 7816779

type CallbackCatcher interface {
Listen(ctx context.Context) error
Close() error
Handler(fn CallbackHandlerFunc)
Addr() string
}

Your welcome to create a pull request

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

feat: Add stdin targets hupe1980/scan4log4shell
2 participants
@Teicu @hupe1980